General

  • Target

    whatsapp-messenger-2-25-16-79.apk

  • Size

    109.3MB

  • Sample

    250524-21vsfsbl7s

  • MD5

    9bfadc71f867b57d0f7d93c2f979741e

  • SHA1

    3fcc7ad26c732e5a241eca4eed4dedeb4cd8916e

  • SHA256

    1efc8dad9d0913d1075021ffb2c7c424eb7f73c585cd9bd538f759644d1ce777

  • SHA512

    b1d3a44c064197afcf922a51b57db7568a84ed342e728b9ad9864657d39ad9e69c791334d1c853e8241ac1eb76e120b388f01196cd62651ded1911fed27aea59

  • SSDEEP

    3145728:2uKbc+x9M9A2Lz21KSHs3NHROiCx2GWhjuyzm:ic+xP2LK1Rs9HQiC70u8m

Targets

    • Target

      whatsapp-messenger-2-25-16-79.apk

    • Patched UPX-packed file

      Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

    • Loads dropped Dex/Jar

      Runs executable file dropped to the device during analysis.

    • Acquires the wake lock

    • Queries information about active data network

    • Reads information about phone network operator.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
